An Evaluation Framework for the Analysis of Covert Channels in the TCP/IP Protocol Suite
نویسندگان
چکیده
Information hiding techniques can be used by criminals and terrorists to communicate over covert channels within the TCP/IP protocol suite and can be used to overcome firewalls and most other forms of network intrusion detection and prevention systems. In this work we describe the covert channel concept and weaknesses in the five layered TCP/IP layered model. We then present an evaluation framework for the analysis of covert channels and illustrate this with an example featuring the heavily used IPv4 datagram header.
منابع مشابه
Detection And Elimination Of Covert Communication In Transport And Internet Layer – A Survey
Covert channels use stealth communications to compromise the security policies of systems. They constitute an important security threat since they can be used to exfiltrate confidential data from networks. TCP/IP protocols are used everyday and are subject to covert channels problems. Covert channels are used for the secret transfer of information. Encryption only protects communication from be...
متن کاملCovert Channels in Internet Protocols: A Survey
The creation of covert channels in public computer networks can prove an effective means of information hiding and secret communication. With the widespread adoption of the Internet the TCP/IP suite of protocols have become pervasive, and therefore an attractive target for covert channel exploitation. This paper gives a brief overview of covert channels in communication networks, and presents a...
متن کاملCovert Channels in TCP/IP Protocol Stack
We give a survey of different techniques for hiding data in several protocols from the TCP/IP protocol stack. Techniques are organized according to affected layer and protocol. For every covert channel its data bandwidth is given.
متن کاملPractical Data Hiding in TCP/IP
This work relates the areas of steganography, network protocols and security for practical data hiding in communication networks employing TCP/IP. Two approaches are proposed based on packet header manipulation and packet ordering within the IPSec framework. For the former the Internet protocol IPv4 header is analyzed to identify covert channels by exploiting redundancy and multiple interpretat...
متن کاملTcp/ip over Atm - Performance Evaluation and Optimisation
The integration of TCP/IP and ATM is a challenging architectural issue in today’s global networks, where the unique properties of ATM technology can be combined with the TCP/IP mature and well-proven protocol suite. A rigorous characterisation of the performance of TCP/IP over ATM can be a powerful tool for the efficient use of both technologies. TCP error and flow control mechanisms were desig...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- First Monday
دوره 2 شماره
صفحات -
تاریخ انتشار 1997